For the past days I've been participating(albeit over Teams) in a conference relevant to my industry (intel), basically startups and established companies showcasing their products to a closed audience of EU gov. officials.
One thing I noticed right away, is that all companies were asked "Can we fully host this from within EU or our country" from the various people in audience. Every single one. Many of the startups had slides prepared for this.
Definitely a change, because it is not something I can recall being important just a couple of years ago.
Several organizations in my area of Canada (including ours) have this as a directive right now too, and are actively exploring options for ensuring data is hosted in Canada or Europe (or have already begun or completed their migrations).
Being hosted in Canada is no longer the safety many assumed before. In reality it should not be an American company beholden to the current administration.
Loss of trust towards US is one factor; another is enshittification of services; yet another are good enough monopolies that EU don't have capital to disrupt
GDPR gave us "oh cool AWS has eu-west-1 and pretends to comply so we can also pretend to comply" but I think the tone has shifted to actually caring, at least a little bit. And with the CLOUD act all the US based hyperscalars can't really offer compliant hosting.
In some cases but not enough. Some of us has been doing a lot to help educate companies and business here and with the current administration - and the fact that they are being explicitly backed/funded by the Silicon Valley tech companies long resisted government overreach - have helped to finally open ears in boardrooms to the dangers of the Cloud Act and other leverage.
The USA is threatening war with the the EU and its allies. A loss of trust doesn't quite convey the seriousness of relationship destruction this causes and the monumental shift that is now happening.
I started the process of this back in January and now, at least in terms of product hosting; fully migrated into European infrastructure (https://bannermedia.ltd).
It didn't come without a bit of pain, but glad I've done it - and to come with this I've ended up building a whole terraform setup for cross provider / cross region high availability within Europe.
So far my key mappings included:
- Cloudflare -> Bunny CDN (and honestly I am so impressed with Bunny so far)
- AWS (or similar) -> Hetzner + OVH; I'm also looking at Civo.com for UK presence.
- GitHub -> Forgejo. I do actually still operate in GitHub for development only work, however Forgejo is mirrored within my European private network, and thats where deployment workflows happen.
- Google Analytics -> Self hosted Umami.
I'll be doing a writeup fairly soon on the entire process.
Waiting for your writeup, especially the Bunny part. We moved away from AWS but Cloudflare remains a point of failure, we are going to remove it as soon as we have some spare time to do the required research.
Well this is nice. Apparently I reached some limits (thanks all), and had to pay Cloudflare more. Fair I guess, although some warning would've been nice. Tried multiple payment options multiple times just now and Cloudflare botched every time without giving me an error message. Finally managed to get it through on the 10th time. Please be gentle now :/
Showed Cloudflare error page "Please check back later - Error 1027" for me for a while... And DNS pointing there! So probably not that European after all!
While I agree with him that the US is becoming more unpredictable, I don't think the EU is much better, especially with regards to digital things where they can be worse in some ways. For example, they are discussing restricting VPN access for 'child protection'[1]
I think that's a very different kind of concern, and its also been very predictable and slow.
I would also say though, you have to be a bit careful about "they are discussing" because there are many people across different countries with different agendas, and a huge amount of discussion between people. Your link for example is a pretty good bit of background info, clearly saying VPNs aren't just about accessing porn
> In the corporate world, VPNs are essential for secure remote work, allowing employees to access company
systems without compromising sensitive information. For individual users, VPNs prevent tracking by
internet service providers, advertisers and potential cybercriminals. They are also used to access
educational or entertainment content that may be restricted in certain countries, including authoritarian
regimes, supporting freedom of information and digital inclusivity, as censorship becomes more difficult to
enforce through VPN use.
It links off to sites discussing possible approaches to age verification which highlights that various approaches in France didn't meet the regulators requirements because of a lack of privacy.
I think this is a different kind of concern about how your products must work compared to worrying that with little to no notice your country may be cut off due to a diplomatic spat from some specific service.
It's horrible everywhere. If you're in the EU go donate to: https://epicenter.works/ They're a citizen rights NGO working against all that BS in the EU (and in Austria, where they're from).
Most digital things in Europe are in fact much better. Lots of laws allow people to protect themselves from digital exploitation.
I agree that there is a ton of bullshit as well though. Gotta dox myself with imprints for example, so I cant share my work with people without also doxing myself. Also as a hobbyist you pretty much need all the business documents as well, like a privacy policy even if its just a small public app on the playstore. Also gotta make sure that data of European citizens never leaves Europe and and and... Lots of things to remember.
And before anyone asks, yes I know an imprint usually is only required for businesses, but nowadays pretty much everything could have business intent.
True, I guess Germany has a lot of extra layers to all this. It's really not easy to actually publish anything without being in risk of some bored lawyer making your life hell.
Utah has already implemented this. But yes this and Chatcontrol is very bad. The EU is not all good and we need to keep fighting such government overreach.
Currently, if you want the internet-climate of the 1990s or even 2010s, you need to build yours, preferably on a different planet, with your own hardware.
We don't have any "ideal" places anymore.
And we need to defend what we support and believe.
This is exactly right. The new internet is analogous to cable television, but of course so much worse in many ways. The outrage and addiction are far worse, there are brand new privacy constraints, and of course it's controlled by powerful business interests with much more time and resources to pump into the problem than you have to fight it.
Have you been around at that time? NSA had recording boxes at ISP routing places, every few days guy would come to swap hdds. Most com was unencrypted. Or read about echolon...
Yeah echelon seemed overwhelming at the time, and encryption was to be the answer.
But it turn out surveillance works just fine if you only focus on the meta data. Knowing who takes to whom, and which sites people visit is much more valuable (and much cheaper) than scanning the actual payload.
And why collect all that data yourself if ad companies are happy to sell it to you, ie to the government? (Huh, maybe that's why Facebook changed its name to Meta, come to think of it)
I was four when I was programming my Commodore 64.
I have seen "parallel [dial-up] modem banks" for "lawful interception", then specialized Ethernet cards for DPI, watched traffic analysis dashboard of a REDACTED country live, did DPI on powerful-enough systems myself for personal testing.
I have gone through USENET, flame wars, IRC; did my own MITM, etc. Always knew about echelon, how escrow based Encryption canceled last moment, etc. etc. etc.
At least, the barriers were higher then. These barriers required people to be considerate, well-targeted and selective. Now we don't have any of these. The overhead is almost non-existent for these things.
Doing dragnet operations were costly, and this allowed curious yet good-hearted people to understand the environment they lived in. Now, we're all blacklisted by default and whitelisted as long as we don't touch the wrong paving stone on the internet.
Of course. But then again, it was the US that threatened the EU with military invasion, so if you want your service to continue uninterrupted, it helps being prepared.
The author isn't just moving their personal setup; they're also moving their business operations. It's not some slacktivism 'I don't like the US any more' issue; it's a 'how can I maintain my income now the US is firing all its glass cannon' issue.
Also, the "open your app store to competitors" was just bullshit, eyewash, cop out. The apps on these "alternative app stores" still need to jump through all the hoops, pay apple development fees, get approved etc.
> they are discussing restricting VPN access for 'child protection'
Just like with encryption, there will always be an idiot politician somewhere discussing banning it. Mr Google tells me, for example, that lawmakers in Michigan (US) recently proposed " Anticorruption of Public Morals Act" which contained VPN banning clauses.
Frankly, until such time as it actually NEARS, let alone BECOMES legislation, the only thing posts such as yours are doing is spreading FUD.
The clue is in the URL you post "thinktank". It not even EU parliament, let alone been through the parliament debates, let alone passed to votes, let alone passed to being implemented by member states .... its just a random idea someone wrote down.
And quite frankly, I would still much rather be in the EU's digital environment than that of the US.
Not only that but if you actually read the linked document it isn't calling for a VPN ban. It's a general report on what VPNs are and how they're perceived by various bodies. It does make reference to the UK Child Safety Commissioner's suggestion that they should be restricted to adult use only but it also talks about how essential they are for business etc. On the whole it's quite balanced and the existence of such a report seems very reasonable.
It's a result from the "European Parliamentary Research Service", hosted on the official website of the European parliament. And it is fully inline with recent attempted and success legislation of the same parliament. I am not sure why you would call this a "random idea" and an established member of the Parliamentary Research Service as "someone".
Matomo charges 22 euros for 50k hits/month.[0] Basically, it's unusable for anything other than a hobby site - especially with the number of crawlers nowadays.
If you self host for free, you're missing basically all of the good parts of web analytics such as funnel analysis as they lock all of those features being paid subs.
Analytics should be self hosted. For any serious business there should never be a reason to use a SaaS product. For SME (including startups) obviously yes. But if you have devops teams then deploy on your own hardware.
I actually decided to self host analytics and generated a simple drop in google analytics replacement. People overthink these things. It's a very straightforward analytics API. And if you ingest the data in a good database or metrics engine (I used Elasticsearch), you can query it quite easily.
In my case, my motivation was that I want to use LLMs to query the data with agents. This whole thing was surprisingly easy to setup and a positive thing is that you don't have a scary extra data controller doing shady things with the data.
Sorry for the self-promotion, just wanted to mention that I'm actively working on https://vemetric.com and will soon provide a self-hosted version as well. Maybe it's interesting for some of you :)
Or, to plug-in my own solution, you can self-host UXWizz[0], pay once, get all features and also receive support/help with setup/self-hosting and long-term maintenance.
A pragmatic article, always nice. I was surprised that gitlab and github was stillton the list. For me moving to self hosted forgejo was one of the easiest transition i had. But i did not have complex CI/CD needs
Heh, ironic that the link is now "temporarily rate limited" my cloudflare. I can't read the article, but it looks like he did not move everything to europe ;-)
Just a nitpick: 1Password is Canadian (still not European, but not us based, if that’s the issue). I do understand the choice to move all into proton though.
Matomo is nice on low traffic, but when we have a sustained rate of 5-25 logins per second and above things become real slow. Using regexps is really bad when you start having problems, but they are fine on low traffic sites.
So If like it but it is a headache on high traffic sites. If anyone have an easy solution I would gladly accept it.
I have worked with two clients. Both north of 8 million visits a month. Both on matomo. Both self hosted.
If you architect the underlying infra right it still works like a charm. But I admit people need to know what they are doing. I was quite impressed with both infra teams.
But as always, if you do not want tu use auto scaling US cloud based services, you need to enasure you have the right scaling and the necessary technical expertise at hand.
I had no problems either, until we hit peaks. We hit our problems at about 7 million unique logins per month, we do not track visits in the same way. I am not that invested in Matomo and it just costs time for me.
I am not sure how you scale Matomo we could not vertically scale anymore, we never did MySQL clusters because it just was not cost efficient for internal reasons.
Managed a fairly large matomo site in the past. Using queue plugin (https://plugins.matomo.org/QueuedTracking) with Redis Cluster really improves the situation. We actually built a custom plugin with Nginx + Lua to avoid PHP altogether for the tracking part. Scaling ingestion then wasn't the problem, draining the queue was
The tracking was not the issue the problem was report generation with segments. Every segment makes you regenerate all the reports. Tracking part is a problem because you need to split the tracking and report part of you want to have something robust.
Yeah trying to move more stuff out of the US too, while simultaneously trying to pick things that don’t follow the stupid unlimited scaling of how much money we can pull out of your wallet model. Two birds with one stone.
There are definitely technical gaps though. eg bunny still uses one unified api key. CF I can lock to an IP and set granular permissions
Proton Mail not supporting filters for message bodies is brutal, I understand why they don't do it but that really lowers its usability for me. Bummer.
That lettermint service looks interesting! I was recently looking for something in that price range that covers both transactional and broadcast emails but couldn't find anything in Europe so I settled on Postmark which has been good, this looks almost identical in features and pricing though.
Same here. I just discovered this and put it in my "check out tonight" folder. I am currently happy using resend. But this looks interesting, especially also for my freelance clients with a focus on EU tech.
I switched to Protonmail a month ago. It is patently inferior to gmail. Every day I get annoyed by some weakness in the UI that google had apparently just always solved without me ever having to think about it. For example, reading long email chains in the proton UI is horrific. I don't know what google did that made it natural to read and proton does so badly, but it is painful to read these long chains of emails. Another example is log emails from my servers are getting grouped together by Proton. Gmail had sepearated the logs into separate emails in a very natural way. These small annoyances add up and I'm not having a fun time right now with proton.
This is actually a pretty interesting observation as GMail, when it first came out, was just as clunky as all the other webmail clients. At the time, everyone was used to Yahoo!, MSN, etc. and Google was the odd one out with their webmail client.
This changed when they were the first folks out there to get a dynamic interface in the browser (some of you may fondly or not so fondly remember the days of DHTML, XMLHTTPRequest, and the like). Fast forward 10 or 15 years and now GMail is the standard by which everything else is measured.
I'm sure there are some things that are objectively better, but a surprising amount of preference comes from familiarity.
Unless you're implying that Verisign isn't a US company, just because .com has become the conventional domain for businesses worldwide doesn't change the fact that it's US-based. Similarly, the EU's widespread adoption of Microsoft Office doesn't make it any less American.
It's a bit like .gov and .edu; technically exclusive to the US. The difference is that .com and .org were opened up for anyone to purchase.
And it goes deeper than just intent: .com was literally administered under a US government contract for decades, with Verisign only ending up in control because they acquired the company that held that government contract.
So while anyone can buy a .com today, the infrastructure and oversight have always been firmly American.
I am not running a company, just a household but this article speaks to me. I have given this topic plenty of thought in the past year as I have a growing unease with large American tech firms and how they use data. These are some of my setups (in the spirit of the article)
I have also rid myself of Google Analytics for a personal website. Replaced with a local solution that parses logs and builds reports that give me quite a bit of information. Its a more ethical type of analytics leaving no cookies behind and no trackers at all. All info is from the web server logs, you can grok quite a bit of insight from this alone.
Email is the biggest challenge, I have mapped out the entire migration steps for Google Workspace to Proton but have not yet pulled the trigger. The main thing is coordination with the rest of my family who use the domain for their email as well, they don't share my obsession with "digital sovereignty" so there is some negotiation around time tables :-) The Proton family plan will cut the bill in about half.
Password management --> KeepassXC with db on local nas. For personal use I feel you can't beat self hosted for password management.
Compute, Digital Ocean I continue to use and has servers in Toronto which works for me geographically. It's very low down my list of migration plans, they just work and they have treated me pretty good over the years.
Storage all self hosted (ownCloud and Openmediavault). Are they the best options, maybe not but they just work. No cloud based storage at all (Google/Apple etc etc). If I ever throw something out there it is gpg encrypted).
Offsite backups, two local copies to seperate drives (dejadup) on my NAS and offsite storage.
There are still some other services I need to consider. I do have Claude Pro. I run local LLM's for a lot of stuff with OpenwebUI but its not a full replacement.
CDN - Also use Cloudflare free tier. Have to give it more thought, it just works so well.
DNS is fully self hosted using dns-crypt-proxy / dnssec to Quad9 and Mullvad DNS. Works great. I actually blackhole any hits to google dns at the router, media and iot devices love to ignore your dns settings.
Github for code hosting. I know, Microsoft, but it works and is not a hill I am willing to die on just yet.
Photos self hosted with Immich on Proxmox. It's been pretty solid.
VPN, Wireguard to the home and have also integrated Tailscale for some things, which has been handy for extending connectivity and supporting my dad in a different city. Apparently they are based in Canada so that is a bonus. I use the free tier for now but am considering the paid version just to support them.
Router and wireless access points all on the latest Openwrt with consumer grade equipment, some of which I picked up used for like 20 bucks. Allows me to have home, guest, media and iot vlans for proper network segregation. Is it overkill? 10 years ago maybe but today I would not run any other way.
While I do think the link highlights are pretty neat, this particular cursor hijack annoys me greatly. Would be nicer to float the link highlights next to the standard cursor.
> The OVHcloud control panel is a labyrinth: the lifecycle rule configuration is buried somewhere in the documentation, and it involves some work in the terminal.
Use OpenTofu/Terraform! Much better than messing with cloud consoles, and then your infrastructure self-documents.
I’d also put out one note to any people outside the EU looking to switch to Mistral or really any service: just because they’re a European company doesn’t mean they’ll follow the GDPR if you don’t live there. Mistral is an example: in their privacy policy, they state that they follow whatever privacy laws exist in your country.
> We are patriotic Americans. We have done everything we have done for the sake of this country, for the sake of supporting U.S. national security... We believe in defeating our autocratic adversaries. We believe in defending America.
and
> So, you know, Anthropic actually has been the most lean forward of all the AI companies in working with the U.S. government and working with the U.S. military. We were the first company to, you know, put our models on the classified cloud.
> We were the first company to make custom models for national security purposes. We're deployed across the intelligence community and military for applications like cyber, you know, combat support operations, various things like this. And, you know, the reason we've done this is, you know, I-- I believe that we have to defend our country.
and
> And so we have said to the Department of War that we are okay with all use cases, basically 98% or 99% of the use cases they want to do, except for two that we're concerned about.
Why are there exceptions for Anthropic, GitHub and GitLab?
> Anthropic is a US company...But it satisfies something else, the sense that the organization building the thing has given serious thought to what it’s building and why.
This reads like a weak excuse. Mistral and Mistral Vibe exists and even if you don't like them, there are many non-US harnesses (Qwen code) that are available.
> GitHub stays in the picture for one specific purpose: public-facing NPM packages and issue tracking for open source software.
First of all Codeberg exists.
Secondly, at this stage relying on NPM and the Java/Typescript ecosystem is quite frankly waiting for a disaster to happen.
This post isn't absolute on moving their digital stack to Europe as it has not one but three exceptions too many.
They had a datacenter burn down (in large part because it was fully built using wood) and lost all customer data and did not take any action for 6 months after the incident.
While the incident did happen, a lot of actions were taken and most of the data was recovered.
OVH now also keeps backups even for clients that don't pay for it.
I was hit by that datacenter catastrophe and got my data back almost immediately, in a new VM.
I've been using them for years with little issue (no more than happened on my AWS or Azure accounts, I would say less because it's less of a mess in general).
I was hit by the fire outage too, and the response was... mixed. I was able to start a new VPS in different region the same day and reconfigure everything, but data on the old instance has been lost. They also kept double-billing me for 3 months without me realizing, support had to step in to delete the instance that wasn't showing in admin panel, but kept generating costs. No refund suggested. I ignored it, since it was like $15 overcharge. Also months later the "deleted" instance reappeared and I had to kill it again. Strange stuff.
Aside of that exceptional case - overall they are pretty great and cheap.
It's fine to have an unstable backup system, as long as any failures in your backups are uncorrelated with failures in your primary system. And a random datacentre burning down probably isn't correlated with anything else, unless you're foolish enough to host your primary and backup copies in the same building.
All else equal, a more stable backup is of course better, but any backup is better than no backups, so choosing the cheapest possible option is often the best strategy since that's the one that you're the most likely to keep using long-term.
I've been dabbling with OVH and it feels very pricey and fragile. Has a very lipstick on a pig approach to whatever they used to be doing before piling into cloud.
> Digital sovereignty sounds like a buzzword until you think
Sure now just think and give me the reason. All these moving to Europe post is getting tiring. Amazon follows the same EU rules, if not more, than Scaleway.
Matt Lakeman writes in one of his blogs that wherever he goes, people tend to love the USA. Except in Europe where he faces a constant storm of criticism. And that was before February. Just like you cannot explain the taste of chocolate to someone, it is hardly possible to explain the mental shift that happened everywhere when the US threatened the EU with military invasion. Like a broken egg this is diplomatic damage that cannot be repaired.
If you sell software and you tell your customers and prospects that everything runs in Europe, by European companies, this instills an enormous amount of trust. Risk averse sectors like manufacturing love this, and it will help you gain customers immediately.
So no, these posts are not tiring to many of us. In fact, we are only at the beginning of the beginning because many of us will be making these migrations. I wish things had run a different course.
So you are saying the reason that it is just perceived better?
Even that's quite debatable as I worked in few European companies and has never faced any backlash for choosing US vendor. Biggest European tech companies like Mistral and Klarna use many US vendors like AWS.
For the past days I've been participating(albeit over Teams) in a conference relevant to my industry (intel), basically startups and established companies showcasing their products to a closed audience of EU gov. officials.
One thing I noticed right away, is that all companies were asked "Can we fully host this from within EU or our country" from the various people in audience. Every single one. Many of the startups had slides prepared for this.
Definitely a change, because it is not something I can recall being important just a couple of years ago.
Seeing and hearing the same. When our giant private equity owners are even pushing us down the on-prem route.
I’m hearing it from “normal” people too which is actually quite weird. To the point of going back to paper for some stuff.
Several organizations in my area of Canada (including ours) have this as a directive right now too, and are actively exploring options for ensuring data is hosted in Canada or Europe (or have already begun or completed their migrations).
Being hosted in Canada is no longer the safety many assumed before. In reality it should not be an American company beholden to the current administration.
Loss of trust towards US is one factor; another is enshittification of services; yet another are good enough monopolies that EU don't have capital to disrupt
This is not a change. It has been asked since the advent of GDPR. So nearly 10 years.
GDPR gave us "oh cool AWS has eu-west-1 and pretends to comply so we can also pretend to comply" but I think the tone has shifted to actually caring, at least a little bit. And with the CLOUD act all the US based hyperscalars can't really offer compliant hosting.
In some cases but not enough. Some of us has been doing a lot to help educate companies and business here and with the current administration - and the fact that they are being explicitly backed/funded by the Silicon Valley tech companies long resisted government overreach - have helped to finally open ears in boardrooms to the dangers of the Cloud Act and other leverage.
It started 10 years ago, but have def escalated the last year IMHO.
Im sorry to say it, but i feel a lot of Europeans have lost a good deal of trust in the US.
The USA is threatening war with the the EU and its allies. A loss of trust doesn't quite convey the seriousness of relationship destruction this causes and the monumental shift that is now happening.
We have gained a lot of confidence that having control ourselves is actually enormously valuable.
As a European: yes definitely. And that won't be fixed if you choose a sane administration again. There can always be another Trump.
I started the process of this back in January and now, at least in terms of product hosting; fully migrated into European infrastructure (https://bannermedia.ltd).
It didn't come without a bit of pain, but glad I've done it - and to come with this I've ended up building a whole terraform setup for cross provider / cross region high availability within Europe.
So far my key mappings included:
- Cloudflare -> Bunny CDN (and honestly I am so impressed with Bunny so far)
- AWS (or similar) -> Hetzner + OVH; I'm also looking at Civo.com for UK presence.
- GitHub -> Forgejo. I do actually still operate in GitHub for development only work, however Forgejo is mirrored within my European private network, and thats where deployment workflows happen.
- Google Analytics -> Self hosted Umami.
I'll be doing a writeup fairly soon on the entire process.
Waiting for your writeup, especially the Bunny part. We moved away from AWS but Cloudflare remains a point of failure, we are going to remove it as soon as we have some spare time to do the required research.
> This website has been temporarily rate limited
Feels a bit ironic... though this website is hosted on Cloudflare Workers so using an American company anyway?
Well this is nice. Apparently I reached some limits (thanks all), and had to pay Cloudflare more. Fair I guess, although some warning would've been nice. Tried multiple payment options multiple times just now and Cloudflare botched every time without giving me an error message. Finally managed to get it through on the 10th time. Please be gentle now :/
Cloudflare = NSA creation to get around HTTPS
citation?
Showed Cloudflare error page "Please check back later - Error 1027" for me for a while... And DNS pointing there! So probably not that European after all!
Did anyone else notice the leading image's caption? Chef's kiss.
While I agree with him that the US is becoming more unpredictable, I don't think the EU is much better, especially with regards to digital things where they can be worse in some ways. For example, they are discussing restricting VPN access for 'child protection'[1]
[1] https://www.europarl.europa.eu/thinktank/en/document/EPRS_AT...
I think that's a very different kind of concern, and its also been very predictable and slow.
I would also say though, you have to be a bit careful about "they are discussing" because there are many people across different countries with different agendas, and a huge amount of discussion between people. Your link for example is a pretty good bit of background info, clearly saying VPNs aren't just about accessing porn
> In the corporate world, VPNs are essential for secure remote work, allowing employees to access company systems without compromising sensitive information. For individual users, VPNs prevent tracking by internet service providers, advertisers and potential cybercriminals. They are also used to access educational or entertainment content that may be restricted in certain countries, including authoritarian regimes, supporting freedom of information and digital inclusivity, as censorship becomes more difficult to enforce through VPN use.
It links off to sites discussing possible approaches to age verification which highlights that various approaches in France didn't meet the regulators requirements because of a lack of privacy.
I think this is a different kind of concern about how your products must work compared to worrying that with little to no notice your country may be cut off due to a diplomatic spat from some specific service.
So are certain states of the USA: https://www.ipvanish.com/blog/ban-vpns-us-privacy/
It's horrible everywhere. If you're in the EU go donate to: https://epicenter.works/ They're a citizen rights NGO working against all that BS in the EU (and in Austria, where they're from).
Most digital things in Europe are in fact much better. Lots of laws allow people to protect themselves from digital exploitation.
I agree that there is a ton of bullshit as well though. Gotta dox myself with imprints for example, so I cant share my work with people without also doxing myself. Also as a hobbyist you pretty much need all the business documents as well, like a privacy policy even if its just a small public app on the playstore. Also gotta make sure that data of European citizens never leaves Europe and and and... Lots of things to remember.
And before anyone asks, yes I know an imprint usually is only required for businesses, but nowadays pretty much everything could have business intent.
Imprint is not needed everywhere in Europe. You need it in Germany, but you don't in the UK.
True, I guess Germany has a lot of extra layers to all this. It's really not easy to actually publish anything without being in risk of some bored lawyer making your life hell.
Utah has already implemented this. But yes this and Chatcontrol is very bad. The EU is not all good and we need to keep fighting such government overreach.
Currently, if you want the internet-climate of the 1990s or even 2010s, you need to build yours, preferably on a different planet, with your own hardware.
We don't have any "ideal" places anymore.
And we need to defend what we support and believe.
This is exactly right. The new internet is analogous to cable television, but of course so much worse in many ways. The outrage and addiction are far worse, there are brand new privacy constraints, and of course it's controlled by powerful business interests with much more time and resources to pump into the problem than you have to fight it.
Have you been around at that time? NSA had recording boxes at ISP routing places, every few days guy would come to swap hdds. Most com was unencrypted. Or read about echolon...
Yeah echelon seemed overwhelming at the time, and encryption was to be the answer.
But it turn out surveillance works just fine if you only focus on the meta data. Knowing who takes to whom, and which sites people visit is much more valuable (and much cheaper) than scanning the actual payload.
And why collect all that data yourself if ad companies are happy to sell it to you, ie to the government? (Huh, maybe that's why Facebook changed its name to Meta, come to think of it)
I was four when I was programming my Commodore 64.
I have seen "parallel [dial-up] modem banks" for "lawful interception", then specialized Ethernet cards for DPI, watched traffic analysis dashboard of a REDACTED country live, did DPI on powerful-enough systems myself for personal testing.
I have gone through USENET, flame wars, IRC; did my own MITM, etc. Always knew about echelon, how escrow based Encryption canceled last moment, etc. etc. etc.
At least, the barriers were higher then. These barriers required people to be considerate, well-targeted and selective. Now we don't have any of these. The overhead is almost non-existent for these things.
Doing dragnet operations were costly, and this allowed curious yet good-hearted people to understand the environment they lived in. Now, we're all blacklisted by default and whitelisted as long as we don't touch the wrong paving stone on the internet.
It used to be other way around.
TL;DR: I'm not 15 years old.
Of course. But then again, it was the US that threatened the EU with military invasion, so if you want your service to continue uninterrupted, it helps being prepared.
The author isn't just moving their personal setup; they're also moving their business operations. It's not some slacktivism 'I don't like the US any more' issue; it's a 'how can I maintain my income now the US is firing all its glass cannon' issue.
Also, the "open your app store to competitors" was just bullshit, eyewash, cop out. The apps on these "alternative app stores" still need to jump through all the hoops, pay apple development fees, get approved etc.
> they are discussing restricting VPN access for 'child protection'
Just like with encryption, there will always be an idiot politician somewhere discussing banning it. Mr Google tells me, for example, that lawmakers in Michigan (US) recently proposed " Anticorruption of Public Morals Act" which contained VPN banning clauses.
Frankly, until such time as it actually NEARS, let alone BECOMES legislation, the only thing posts such as yours are doing is spreading FUD.
The clue is in the URL you post "thinktank". It not even EU parliament, let alone been through the parliament debates, let alone passed to votes, let alone passed to being implemented by member states .... its just a random idea someone wrote down.
And quite frankly, I would still much rather be in the EU's digital environment than that of the US.
Not only that but if you actually read the linked document it isn't calling for a VPN ban. It's a general report on what VPNs are and how they're perceived by various bodies. It does make reference to the UK Child Safety Commissioner's suggestion that they should be restricted to adult use only but it also talks about how essential they are for business etc. On the whole it's quite balanced and the existence of such a report seems very reasonable.
> its just a random idea someone wrote down.
It's a result from the "European Parliamentary Research Service", hosted on the official website of the European parliament. And it is fully inline with recent attempted and success legislation of the same parliament. I am not sure why you would call this a "random idea" and an established member of the Parliamentary Research Service as "someone".
Research.
Not implementation.
Proton Mail Helped FBI Unmask Anonymous ‘Stop Cop City’ Protester https://www.404media.co/proton-mail-helped-fbi-unmask-anonym...
Might want to move your site to a server you own.... site is down due to "rate limits"
Rate limit from Cloudflare, so much for moving to EU Stack :/
Can’t read the article…
But given how often GitHub and AWS East 1 go down, this is good.
One bad day at Amazon shouldn’t stop Europeans from doing laundry.
The cloud should have been localized from the start.
Google Analytics --> Matomo
Matomo charges 22 euros for 50k hits/month.[0] Basically, it's unusable for anything other than a hobby site - especially with the number of crawlers nowadays.
If you self host for free, you're missing basically all of the good parts of web analytics such as funnel analysis as they lock all of those features being paid subs.
[0]https://matomo.org/pricing/
Analytics should be self hosted. For any serious business there should never be a reason to use a SaaS product. For SME (including startups) obviously yes. But if you have devops teams then deploy on your own hardware.
I actually decided to self host analytics and generated a simple drop in google analytics replacement. People overthink these things. It's a very straightforward analytics API. And if you ingest the data in a good database or metrics engine (I used Elasticsearch), you can query it quite easily.
In my case, my motivation was that I want to use LLMs to query the data with agents. This whole thing was surprisingly easy to setup and a positive thing is that you don't have a scary extra data controller doing shady things with the data.
Sorry for the self-promotion, just wanted to mention that I'm actively working on https://vemetric.com and will soon provide a self-hosted version as well. Maybe it's interesting for some of you :)
Or, to plug-in my own solution, you can self-host UXWizz[0], pay once, get all features and also receive support/help with setup/self-hosting and long-term maintenance.
[0]: https://www.uxwizz.com/
All the good parts of web analytics doesn't amount to much anyway. Especially if you desire to have a usable site, which includes no cookie popups.
Umami isn't half bad self hosted. Been using it with Docker Compose for a few years now on a LEB and it's working great.
i.e. you can't give stuff away for free if you aren't one of the 3 largest companies on the planet
Would you pay $20/month for Hacker News access?
I think it's fair that GA is free and Google gets some benefits from using the data for their ad network.
"some benefits" is really underselling it though.
A pragmatic article, always nice. I was surprised that gitlab and github was stillton the list. For me moving to self hosted forgejo was one of the easiest transition i had. But i did not have complex CI/CD needs
Heh, ironic that the link is now "temporarily rate limited" my cloudflare. I can't read the article, but it looks like he did not move everything to europe ;-)
Mirror: https://archive.is/LNYYU — Works for me after switching to reader mode
Just a nitpick: 1Password is Canadian (still not European, but not us based, if that’s the issue). I do understand the choice to move all into proton though.
Off topic: that’s a beautiful website
1Password also lets you pick where your data lives - US, Canada or EU. https://support.1password.com/regions/
Canadian counts as reliable for me ;)
Matomo is nice on low traffic, but when we have a sustained rate of 5-25 logins per second and above things become real slow. Using regexps is really bad when you start having problems, but they are fine on low traffic sites.
So If like it but it is a headache on high traffic sites. If anyone have an easy solution I would gladly accept it.
I have worked with two clients. Both north of 8 million visits a month. Both on matomo. Both self hosted.
If you architect the underlying infra right it still works like a charm. But I admit people need to know what they are doing. I was quite impressed with both infra teams.
But as always, if you do not want tu use auto scaling US cloud based services, you need to enasure you have the right scaling and the necessary technical expertise at hand.
I had no problems either, until we hit peaks. We hit our problems at about 7 million unique logins per month, we do not track visits in the same way. I am not that invested in Matomo and it just costs time for me.
I am not sure how you scale Matomo we could not vertically scale anymore, we never did MySQL clusters because it just was not cost efficient for internal reasons.
Managed a fairly large matomo site in the past. Using queue plugin (https://plugins.matomo.org/QueuedTracking) with Redis Cluster really improves the situation. We actually built a custom plugin with Nginx + Lua to avoid PHP altogether for the tracking part. Scaling ingestion then wasn't the problem, draining the queue was
The tracking was not the issue the problem was report generation with segments. Every segment makes you regenerate all the reports. Tracking part is a problem because you need to split the tracking and report part of you want to have something robust.
Yeah trying to move more stuff out of the US too, while simultaneously trying to pick things that don’t follow the stupid unlimited scaling of how much money we can pull out of your wallet model. Two birds with one stone.
There are definitely technical gaps though. eg bunny still uses one unified api key. CF I can lock to an IP and set granular permissions
See also the Finnish alternative https://upcloud.com/ I also switched from DigitalOcean and have found UpCloud very good for my purposes.
Proton Mail not supporting filters for message bodies is brutal, I understand why they don't do it but that really lowers its usability for me. Bummer.
That lettermint service looks interesting! I was recently looking for something in that price range that covers both transactional and broadcast emails but couldn't find anything in Europe so I settled on Postmark which has been good, this looks almost identical in features and pricing though.
Same here. I just discovered this and put it in my "check out tonight" folder. I am currently happy using resend. But this looks interesting, especially also for my freelance clients with a focus on EU tech.
Scaleway has introduced Edge services recently: https://www.scaleway.com/en/edge-services/
No ddos protection yet.
If anyone else is wondering why no content is visible on the page, it's because it requires JavaScript and a WebGL context.
Reader mode works
And also this:
Cloudflare is no fun. How much coal does the steam engine need to serve this site?so the author didnt fully move to an EU stack. still dependent on Cloudflare, the monopoly.
> This website has been temporarily rate limited
Did he move also the CDN stack? :)
I switched to Protonmail a month ago. It is patently inferior to gmail. Every day I get annoyed by some weakness in the UI that google had apparently just always solved without me ever having to think about it. For example, reading long email chains in the proton UI is horrific. I don't know what google did that made it natural to read and proton does so badly, but it is painful to read these long chains of emails. Another example is log emails from my servers are getting grouped together by Proton. Gmail had sepearated the logs into separate emails in a very natural way. These small annoyances add up and I'm not having a fun time right now with proton.
This is actually a pretty interesting observation as GMail, when it first came out, was just as clunky as all the other webmail clients. At the time, everyone was used to Yahoo!, MSN, etc. and Google was the odd one out with their webmail client.
This changed when they were the first folks out there to get a dynamic interface in the browser (some of you may fondly or not so fondly remember the days of DHTML, XMLHTTPRequest, and the like). Fast forward 10 or 15 years and now GMail is the standard by which everything else is measured.
I'm sure there are some things that are objectively better, but a surprising amount of preference comes from familiarity.
Temporarily rate limited ... By CloudFlare?
Choosing between two tech-unfriendly regimes doesn't intrinsically strike me as appealing.
The logical thing would be to move everything to HK, China.
5:30 am PT Open hackernews “Oh look, another post by a European about moving data around arbitrarily” Start my day
Doing the same! The US is rapidly getting worse and worse
Great post! Today we just launched an European alternative to Claude Code - Berget Code- https://berget.ai/code
150 euros a month to try it out is a bit rough, although I guess you're aiming for a different market than hobbyists
And how should one mispronounce "Berget"? :)
Headquartered in Stockholm, so "bear-yet" should get you fairly close.
From Rome to Babylon.
I own the domain govern.eu
I didn‘t yet have a good idea on how to utilize it, open to ideas.
not the domain name :)
A .com domain is not exclusive to the United States
Unfortunately, it is.
Unless you're implying that Verisign isn't a US company, just because .com has become the conventional domain for businesses worldwide doesn't change the fact that it's US-based. Similarly, the EU's widespread adoption of Microsoft Office doesn't make it any less American.
EDIT: That was unpopular. Why?
It is not
Source: own multiple, via EU registrar
(Edit: Parent was edited after reply - parent statement is now correct)
Registering a .com through a EU-based registrar doesn't change anything.
Verisign, the organisation that actually controls the .com top-level domain, is a US company and operates under US jurisdiction.
Where you purchase the domain from is irrelevant.
That… is true - thanks for editing your comment to clarify
The initial thread read like “.com domains are exclusive to US” which they of course aren’t
It's a bit like .gov and .edu; technically exclusive to the US. The difference is that .com and .org were opened up for anyone to purchase.
And it goes deeper than just intent: .com was literally administered under a US government contract for decades, with Verisign only ending up in control because they acquired the company that held that government contract.
So while anyone can buy a .com today, the infrastructure and oversight have always been firmly American.
you do not really own a domain
I am not running a company, just a household but this article speaks to me. I have given this topic plenty of thought in the past year as I have a growing unease with large American tech firms and how they use data. These are some of my setups (in the spirit of the article)
I have also rid myself of Google Analytics for a personal website. Replaced with a local solution that parses logs and builds reports that give me quite a bit of information. Its a more ethical type of analytics leaving no cookies behind and no trackers at all. All info is from the web server logs, you can grok quite a bit of insight from this alone.
Email is the biggest challenge, I have mapped out the entire migration steps for Google Workspace to Proton but have not yet pulled the trigger. The main thing is coordination with the rest of my family who use the domain for their email as well, they don't share my obsession with "digital sovereignty" so there is some negotiation around time tables :-) The Proton family plan will cut the bill in about half.
Password management --> KeepassXC with db on local nas. For personal use I feel you can't beat self hosted for password management.
Compute, Digital Ocean I continue to use and has servers in Toronto which works for me geographically. It's very low down my list of migration plans, they just work and they have treated me pretty good over the years.
Storage all self hosted (ownCloud and Openmediavault). Are they the best options, maybe not but they just work. No cloud based storage at all (Google/Apple etc etc). If I ever throw something out there it is gpg encrypted).
Offsite backups, two local copies to seperate drives (dejadup) on my NAS and offsite storage.
There are still some other services I need to consider. I do have Claude Pro. I run local LLM's for a lot of stuff with OpenwebUI but its not a full replacement.
CDN - Also use Cloudflare free tier. Have to give it more thought, it just works so well.
DNS is fully self hosted using dns-crypt-proxy / dnssec to Quad9 and Mullvad DNS. Works great. I actually blackhole any hits to google dns at the router, media and iot devices love to ignore your dns settings.
Github for code hosting. I know, Microsoft, but it works and is not a hill I am willing to die on just yet.
Photos self hosted with Immich on Proxmox. It's been pretty solid.
VPN, Wireguard to the home and have also integrated Tailscale for some things, which has been handy for extending connectivity and supporting my dad in a different city. Apparently they are based in Canada so that is a bonus. I use the free tier for now but am considering the paid version just to support them.
Router and wireless access points all on the latest Openwrt with consumer grade equipment, some of which I picked up used for like 20 bucks. Allows me to have home, guest, media and iot vlans for proper network segregation. Is it overkill? 10 years ago maybe but today I would not run any other way.
Thanks for attending my Ted Talk.
Everyone talks about Proton, but I've used Tuta.com for years (no vested interest) and it works fine
While I do think the link highlights are pretty neat, this particular cursor hijack annoys me greatly. Would be nicer to float the link highlights next to the standard cursor.
> The OVHcloud control panel is a labyrinth: the lifecycle rule configuration is buried somewhere in the documentation, and it involves some work in the terminal.
Use OpenTofu/Terraform! Much better than messing with cloud consoles, and then your infrastructure self-documents.
I’d also put out one note to any people outside the EU looking to switch to Mistral or really any service: just because they’re a European company doesn’t mean they’ll follow the GDPR if you don’t live there. Mistral is an example: in their privacy policy, they state that they follow whatever privacy laws exist in your country.
Disagree on his characterization of Claude as being much better than OpenAI (a very low bar), esp from a sovereignty perspective. Here's what Anthropic's CEO had to say (from https://www.cbsnews.com/news/anthropic-ceo-dario-amodei-full...):
> We are patriotic Americans. We have done everything we have done for the sake of this country, for the sake of supporting U.S. national security... We believe in defeating our autocratic adversaries. We believe in defending America.
and
> So, you know, Anthropic actually has been the most lean forward of all the AI companies in working with the U.S. government and working with the U.S. military. We were the first company to, you know, put our models on the classified cloud.
> We were the first company to make custom models for national security purposes. We're deployed across the intelligence community and military for applications like cyber, you know, combat support operations, various things like this. And, you know, the reason we've done this is, you know, I-- I believe that we have to defend our country.
and
> And so we have said to the Department of War that we are okay with all use cases, basically 98% or 99% of the use cases they want to do, except for two that we're concerned about.
Small print: With exceptions
Why are there exceptions for Anthropic, GitHub and GitLab?
> Anthropic is a US company...But it satisfies something else, the sense that the organization building the thing has given serious thought to what it’s building and why.
This reads like a weak excuse. Mistral and Mistral Vibe exists and even if you don't like them, there are many non-US harnesses (Qwen code) that are available.
> GitHub stays in the picture for one specific purpose: public-facing NPM packages and issue tracking for open source software.
First of all Codeberg exists.
Secondly, at this stage relying on NPM and the Java/Typescript ecosystem is quite frankly waiting for a disaster to happen.
This post isn't absolute on moving their digital stack to Europe as it has not one but three exceptions too many.
Kjajdsk
Using OVH for backups is a crazy choice.
They had a datacenter burn down (in large part because it was fully built using wood) and lost all customer data and did not take any action for 6 months after the incident.
They're just not a serious company.
This is borderline adversarial propaganda.
While the incident did happen, a lot of actions were taken and most of the data was recovered. OVH now also keeps backups even for clients that don't pay for it.
I was hit by that datacenter catastrophe and got my data back almost immediately, in a new VM.
I've been using them for years with little issue (no more than happened on my AWS or Azure accounts, I would say less because it's less of a mess in general).
Stop spreading false rumors.
I was hit by the fire outage too, and the response was... mixed. I was able to start a new VPS in different region the same day and reconfigure everything, but data on the old instance has been lost. They also kept double-billing me for 3 months without me realizing, support had to step in to delete the instance that wasn't showing in admin panel, but kept generating costs. No refund suggested. I ignored it, since it was like $15 overcharge. Also months later the "deleted" instance reappeared and I had to kill it again. Strange stuff.
Aside of that exceptional case - overall they are pretty great and cheap.
It's fine to have an unstable backup system, as long as any failures in your backups are uncorrelated with failures in your primary system. And a random datacentre burning down probably isn't correlated with anything else, unless you're foolish enough to host your primary and backup copies in the same building.
All else equal, a more stable backup is of course better, but any backup is better than no backups, so choosing the cheapest possible option is often the best strategy since that's the one that you're the most likely to keep using long-term.
Any source for this? Would love to read up on this.
https://www.datacenterdynamics.com/en/opinions/ovhclouds-dat...
Wooden floors contributed to the fire, they were fire resistant but that only lasts so long. Fire-doors are often the same type of wood.
Thanks a ton. Much appreciated. I am looking for German/EU options so this is highly relevant.
this was 5 years ago. There were many threads on it on HN that may be of interest to you
https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...
Thanks a ton. Greatly appreciated. I am currently evaluation options. So this is relevant to me.
It's important to distinguish between a backup strategy and a backup location. A real backup strategy would involve multiple locations (3-2-1 etc)
I've been dabbling with OVH and it feels very pricey and fragile. Has a very lipstick on a pig approach to whatever they used to be doing before piling into cloud.
> Digital sovereignty sounds like a buzzword until you think
Sure now just think and give me the reason. All these moving to Europe post is getting tiring. Amazon follows the same EU rules, if not more, than Scaleway.
Matt Lakeman writes in one of his blogs that wherever he goes, people tend to love the USA. Except in Europe where he faces a constant storm of criticism. And that was before February. Just like you cannot explain the taste of chocolate to someone, it is hardly possible to explain the mental shift that happened everywhere when the US threatened the EU with military invasion. Like a broken egg this is diplomatic damage that cannot be repaired.
If you sell software and you tell your customers and prospects that everything runs in Europe, by European companies, this instills an enormous amount of trust. Risk averse sectors like manufacturing love this, and it will help you gain customers immediately.
So no, these posts are not tiring to many of us. In fact, we are only at the beginning of the beginning because many of us will be making these migrations. I wish things had run a different course.
> this instills an enormous amount of trust
So you are saying the reason that it is just perceived better?
Even that's quite debatable as I worked in few European companies and has never faced any backlash for choosing US vendor. Biggest European tech companies like Mistral and Klarna use many US vendors like AWS.
Second paragraph: https://en.wikipedia.org/wiki/CLOUD_Act
Later in the article:
> The act is not limited to companies based in the United States.
> if not more
more mean the US rules that hoover up all the data for the government